click.cpvrdr.com/redirect infection...


dostin

DDS.txt....

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Dustin at 9:30:37 on 2013-11-20
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16323.13046 [GMT -5:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Client/Server Security Agent Antivirus *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Client/Server Security Agent Anti-spyware *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall *Disabled* {50C2E989-60CF-0845-AFD3-290B7D301E79}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Windows\system32\o2flash.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
C:\ProgramData\GorillaPrice\WatGorp.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Users\Dustin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Users\Dustin\AppData\Local\Akamai\netsession_win.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Trend Micro\Client Server Security Agent\PccNtMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
C:\Program Files (x86)\Sonos\Sonos.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyOverride = <-loopback>;<local>
mWinlogon: Userinit = userinit.exe
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: CutePDF Form Filler Helper: {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Akamai NetSession Interface] "C:\Users\Dustin\AppData\Local\Akamai\netsession_win.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~2.LNK - C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~1.LNK - C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: DisableCAD = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: innovativeglobal.com
TCP: Interfaces\{8F96E17A-4BD3-4757-BC19-2B020AAD1F31}\54E4746545D2F46666963656D25374 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8F96E17A-4BD3-4757-BC19-2B020AAD1F31}\56E676674775966696 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8F96E17A-4BD3-4757-BC19-2B020AAD1F31}\84F4D454D213341423 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{BC4F6DA4-537F-451A-AB5F-DEE877CE4043} : NameServer = 4.4.4.4,8.8.8.8
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages =  msv1_0 wvauth
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\nnrw2g8z.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-6-19 16152]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-6-19 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-6-19 22128]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-8-8 28600]
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2010-11-8 196688]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-6-19 235520]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-8-8 440376]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-8-8 440376]
R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-8-8 1164360]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-8-8 106904]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2012-3-19 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2012-3-19 36768]
R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-1-17 218504]
R2 GorillaPrice;GorillaPrice;C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -service --> C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -service [?]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-19 13592]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max Design 2014 64-bit;C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-14 86016]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 svcGenericHost;Trend Micro Client/Server Security Agent;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [2011-4-7 50704]
R2 TmFilter;Trend Micro Filter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [2011-3-24 310032]
R2 TmPreFilter;Trend Micro PreFilter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmpreflt.sys [2011-3-24 42768]
R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2010-11-8 338000]
R2 UsbClientService;UsbClientService;C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2011-2-18 245760]
R2 WatGorp;WatGorp;C:\ProgramData\GorillaPrice\WatGorp.exe -service --> C:\ProgramData\GorillaPrice\WatGorp.exe -service [?]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-1-5 1679872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-6-19 96896]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-6-19 135720]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-9-25 245760]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-6-19 615464]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-6-19 39976]
R3 busenum;Synology Virtual USB Hub;C:\Windows\System32\drivers\busenum.sys [2011-2-18 56160]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-6-19 172704]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2012-3-19 45672]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-6-19 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-6-19 788760]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2013-6-19 84712]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2013-6-19 68208]
R3 TmPfw;Trend Micro Client/Server Security Agent Personal Firewall;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmPfw.exe [2010-7-21 596032]
R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [2010-7-21 917840]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2013/06/19 15:26:52;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-8-11 248304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-7-6 77352]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-8-8 1471792]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-20 111616]
S3 irstrtdv;Intel® Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2013-6-19 26504]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-2-28 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-2-28 180736]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2013-6-19 446824]
S3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2013-6-19 72808]
S3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2013-6-19 74984]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 ST7007;ST7007;C:\Windows\System32\drivers\ST7007.sys [2013-6-19 67696]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-9 1255736]
S3 wbfcvusbdrv;WBF Control Vault;C:\Windows\System32\drivers\wbfcvusbdrv.sys [2012-3-19 15976]
S3 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-1-16 198144]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2013-11-15 14:46:52 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2013-11-15 14:45:51 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-13 03:56:54 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-13 03:56:54 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-11-13 03:56:53 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-13 03:56:53 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-13 03:56:53 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-13 03:56:53 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-13 03:56:53 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-04 18:12:28 -------- d-----w- C:\Program Files\nwcreate_data11
2013-11-04 18:11:51 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2013-11-04 18:11:51 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2013-11-04 18:11:51 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2013-11-04 18:11:51 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-11-04 18:11:50 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2013-11-04 18:11:50 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2013-11-04 18:11:50 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2013-11-04 18:11:50 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2013-10-31 14:33:23 -------- d-----w- C:\Autodesk
2013-10-31 14:04:37 -------- d-----w- C:\Program Files\Common Files\MAP-Software
2013-10-30 18:24:57 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-30 17:50:22 -------- d-----w- C:\Users\Dustin\AppData\Roaming\Navisworks 2014
2013-10-30 17:50:22 -------- d-----w- C:\Users\Dustin\AppData\Roaming\Autodesk Navisworks Manage 2014
2013-10-30 17:50:22 -------- d-----w- C:\ProgramData\Autodesk Navisworks Manage 2014
2013-10-30 16:32:41 -------- d-----w- C:\ProgramData\FARO
2013-10-30 16:20:15 -------- d-----w- C:\Program Files (x86)\DWG TrueView 2014
2013-10-30 15:21:13 -------- d-----w- C:\Revit SDK 2014
2013-10-30 15:19:33 -------- d-----w- C:\Program Files\Autodesk Network License Manager
2013-10-30 13:57:31 -------- d-----w- C:\Users\Dustin\AppData\Local\CutePDF Writer
2013-10-25 17:31:30 -------- d-----w- C:\AdwCleaner
2013-10-25 15:49:54 -------- d-----w- C:\Users\Dustin\AppData\Local\Programs
2013-10-25 15:38:10 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-24 12:55:51 -------- d-----w- C:\Users\Dustin\AppData\Local\{B1ED3F04-BDDF-4582-A72C-5ED85A917A0D}
2013-10-24 12:55:51 -------- d-----w- C:\Users\Dustin\AppData\Local\{419A7B7D-3F42-47DF-8FDA-054F8D55C47A}
2013-10-23 14:18:25 -------- d-----w- C:\Program Files (x86)\Sonos
2013-10-23 14:18:20 -------- d-----w- C:\ProgramData\Sonos,_Inc
2013-10-23 14:17:50 -------- d-----w- C:\Windows\System32\appmgmt
2013-10-22 17:12:14 -------- d-----w- C:\ProgramData\Oracle
2013-10-22 17:11:53 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2013-11-19 13:14:32 106904 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-10-24 16:41:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-24 16:41:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-01 12:32:31 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2013-10-01 12:32:31 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH:  9:30:55.62 ===============
 
Attach.txt...
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume2
Install Date: 8/8/2013 7:47:48 AM
System Uptime: 11/20/2013 8:05:10 AM (1 hours ago)
.
Motherboard: Dell Inc. |  |       
Processor: Intel® Core i7-3840QM CPU @ 2.80GHz | SOCKET 0 | 2801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 225 GiB total, 97.326 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Object Enabler on AutoCAD Architecture 2014 - English - English (United States)
 Object Enabler on AutoCAD MEP 2014 - English - English (United States)
 Object Enabler on Autodesk 360 - Language Neutral
 Object Enabler on Autodesk 3ds Max Design 2014 - Language Neutral
 Object Enabler on Autodesk DirectConnect 2014 64-bit - Language Neutral
 Object Enabler on Autodesk Fabrication CADmep 2014 Object Enabler - Language Neutral
 Object Enabler on Autodesk Inventor 2014 - Language Neutral
 Object Enabler on Autodesk Navisworks Manage 2013 - 2011 DWG File Reader - Language Neutral
 Object Enabler on Autodesk Navisworks Manage 2013 - 2012 DWG File Reader - Language Neutral
 Object Enabler on Autodesk Navisworks Manage 2014 - 2011 DWG File Reader - Language Neutral
 Object Enabler on Autodesk Navisworks Manage 2014 - 2012 DWG File Reader - Language Neutral
 Object Enabler on Autodesk Navisworks Manage 2014 - 2014 DWG File Reader - Language Neutral
 Object Enabler on Autodesk Revit Interoperability for Inventor 2014 - Language Neutral
 Object Enabler on Revit 2014 - Language Neutral
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.05)
Advanced Audio FX Engine
Akamai NetSession Interface
AutoCAD 2013 - English
AutoCAD 2013 Language Pack - English
AutoCAD Architecture-MEP 2011 Object Enabler on Autodesk Navisworks Manage 2013 - 2011 DWG File Reader - Language Neutral
AutoCAD Architecture-MEP 2011 Object Enabler on Autodesk Navisworks Manage 2014 - 2011 DWG File Reader - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk 360 - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk 3ds Max Design 2014 - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk DirectConnect 2014 64-bit - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk Fabrication CADmep 2014 Object Enabler - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk Inventor 2014 - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk Navisworks Manage 2014 - 2014 DWG File Reader - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Autodesk Revit Interoperability for Inventor 2014 - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on DWG TrueView 2014 - Language Neutral
AutoCAD Architecture-MEP 2014 Object Enabler on Revit 2014 - Language Neutral
AutoCAD Architecture 2014 - English
AutoCAD Architecture 2014 Language Pack - English
AutoCAD Civil 3D 2011 64 Bit Object Enabler on Autodesk Navisworks Manage 2013 - 2011 DWG File Reader - Language Neutral
AutoCAD Civil 3D 2011 64 Bit Object Enabler on Autodesk Navisworks Manage 2014 - 2011 DWG File Reader - Language Neutral
AutoCAD MEP 2013 - English
AutoCAD MEP 2013 - English SP2
AutoCAD MEP 2013 Language Pack - English
AutoCAD MEP 2014 - English
AutoCAD MEP 2014 - English SP 1
AutoCAD MEP 2014 Language Pack - English
AutoCAD Plant 3D 2011 Object Enabler on Autodesk Navisworks Manage 2013 - 2011 DWG File Reader - Language Neutral
AutoCAD Plant 3D 2011 Object Enabler on Autodesk Navisworks Manage 2013 - 2012 DWG File Reader - Language Neutral
AutoCAD Plant 3D 2011 Object Enabler on Autodesk Navisworks Manage 2014 - 2011 DWG File Reader - Language Neutral
AutoCAD Plant 3D 2011 Object Enabler on Autodesk Navisworks Manage 2014 - 2012 DWG File Reader - Language Neutral
Autodesk 360
Autodesk 3ds Max Design 2014
Autodesk 3ds Max Design 2014 64-bit Populate Data
Autodesk App Manager
Autodesk AutoCAD Architecture 2014 - English
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on AutoCAD Architecture 2014 - English - English (United States)
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on AutoCAD MEP 2014 - English - English (United States)
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk 360 - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk 3ds Max Design 2014 - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk DirectConnect 2014 64-bit - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk Fabrication CADmep 2014 Object Enabler - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk Inventor 2014 - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk Navisworks Manage 2014 - 2014 DWG File Reader - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Autodesk Revit Interoperability for Inventor 2014 - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on DWG TrueView 2014 - Language Neutral
Autodesk AutoCAD Civil 3D 2014 64 Bit Object Enabler on Revit 2014 - Language Neutral
Autodesk AutoCAD MEP 2014 - English
Autodesk AutoCAD Plant 3D 2014 Object Enabler
Autodesk Backburner 2014
Autodesk CAD Manager Tools
Autodesk Composite 2014
Autodesk Content Service
Autodesk Design Review 2013
Autodesk DirectConnect 2013 64-bit
Autodesk DirectConnect 2014 64-bit
Autodesk Download Manager
Autodesk DWG TrueView 2014
Autodesk Essential Skills Movies for 3ds Max Design 2014 64-bit
Autodesk Fabrication CADmep 2014 Object Enabler
Autodesk Featured Apps
Autodesk Inventor 2014
Autodesk Inventor 2014 - English
Autodesk Inventor 2014 English Language Pack
Autodesk Inventor Content Center Libraries 2014 (Desktop Content)
Autodesk Inventor Fusion 2013
Autodesk Inventor Fusion plug-in for AutoCAD 2013
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013
Autodesk Inventor Server Engine for 3ds Max Design 2014 64-bit
Autodesk Material Library 2013
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Low Resolution Image Library 2013
Autodesk Material Library Low Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2013
Autodesk Material Library Medium Resolution Image Library 2014
Autodesk Navisworks 2013 64 bit Exporter Plug-ins
Autodesk Navisworks 2013 64 bit Exporter Plug-ins English Language Pack
Autodesk Navisworks 2014 64 bit Exporter Plug-ins
Autodesk Navisworks 2014 64 bit Exporter Plug-ins English Language Pack
Autodesk Navisworks Manage 2013
Autodesk Navisworks Manage 2013 - 2008 DWG File Reader
Autodesk Navisworks Manage 2013 - 2009 DWG File Reader
Autodesk Navisworks Manage 2013 - 2010 DWG File Reader
Autodesk Navisworks Manage 2013 - 2011 DWG File Reader
Autodesk Navisworks Manage 2013 - 2012 DWG File Reader
Autodesk Navisworks Manage 2013 - 2013 DWG File Reader
Autodesk Navisworks Manage 2013 English Language Pack
Autodesk Navisworks Manage 2014
Autodesk Navisworks Manage 2014 - 2008 DWG File Reader
Autodesk Navisworks Manage 2014 - 2009 DWG File Reader
Autodesk Navisworks Manage 2014 - 2010 DWG File Reader
Autodesk Navisworks Manage 2014 - 2011 DWG File Reader
Autodesk Navisworks Manage 2014 - 2012 DWG File Reader
Autodesk Navisworks Manage 2014 - 2013 DWG File Reader
Autodesk Navisworks Manage 2014 - 2014 DWG File Reader
Autodesk Navisworks Manage 2014 English Language Pack
Autodesk Network License Manager
Autodesk ReCap
Autodesk ReCap Language Pack-English
Autodesk Revit 2013
Autodesk Revit 2014
Autodesk Revit Interoperability for 3ds Max 2014
Autodesk Revit Interoperability for Inventor 2014
Autodesk Showcase 2013 64-bit
Autodesk SketchBook Designer 2013
Autodesk SketchBook Designer 2014
Autodesk SketchBook Designer for AutoCAD 2014
Autodesk Workflows - Building Design Suite 2013
Autodesk Workflows 2014
Avira Free Antivirus
BioAPI Framework
Bonjour
Brother MFL-Pro Suite MFC-6490CW
Brother MFL-Pro Suite MFC-J6710DW
CAD-Mep+ Object Enabler
CADWorx 2013 - Plant Object Enabler (C:\ProgramData\Autodesk)
Custom
CutePDF Professional 3.7
CutePDF Writer 2.8
CyberLink PowerDVD 9.6
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager
Dell ControlVault Host Components Installer 64 bit
Dell Data Protection | Access
Dell Touchpad
Dell Webcam Central
DellAccess
DirectX 9 Runtime
DWG TrueView 2014
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit)
EMBASSY Client Core
FARO LS 1.1.408.2
FARO LS 1.1.501.0 (64bit)
FARO LS 4.8.2.25521
Foxit Reader
Gemalto
Google Chrome
Google Update Helper
GorillaPrice
IDT Audio
Intel® Control Center
Intel® Rapid Storage Technology
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office
Microsoft Office 2003 Web Components
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual Basic for Applications 7.1 (x64)
Microsoft Visual Basic for Applications 7.1 (x64) English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft WSE 3.0
Microsoft WSE 3.0 Runtime
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
NTRU TCG Software Stack
Nuance PaperPort 12
Nuance PDF Viewer Plus
Open Downloader Manager
PaperPort Image Printer 64-bit
PC-CCID
PhotoShowExpress
Preboot Manager
Private Information Manager
QuickBooks Pro 2008
RBVirtualFolder64Inst
Revit 2013
Revit 2013 Language Pack - English
Revit 2014
Revit 2014 Language Pack - English
ROBLOX Player
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Scansoft PDF Professional
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft .NET Framework 4.5 (KB2861208)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SketchUp Import for AutoCAD 2014
Skype™ 6.9
SolidWorks 2013 x64 Edition SP04
SolidWorks eDrawings 2013 x64 Edition SP04
SolidWorks Explorer 2013 SP04 x64 Edition
Sonic CinePlayer Decoder Pack
Sonos Controller
Space Naming Utility for Autodesk Revit MEP 2014
SPBA 5.9
ST Microelectronics 3 Axis Digital Accelerometer Solution
SupportSoft Assisted Service
Synology Assistant (remove only)
toolkit32for64bit
Trend Micro Client/Server Security Agent
Trusted Drive Manager
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Upek Touchchip Fingerprint Reader
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
Wave Crypto Runtime 2.0.7.0 x86
Wave Infrastructure Installer
Wave Support Software Installer
WIDCOMM Bluetooth Software
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
11/20/2013 9:09:26 AM, Error: Schannel [36888]  - The following fatal alert was generated: 43. The internal error state is 252.
11/20/2013 8:06:23 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/20/2013 8:05:21 AM, Error: Service Control Manager [7001]  - The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error:  The operation completed successfully.
11/20/2013 8:02:03 AM, Error: Service Control Manager [7031]  - The Autodesk Content Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/18/2013 11:26:43 AM, Error: Service Control Manager [7031]  - The Autodesk Content Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/15/2013 9:55:00 AM, Error: mbamchameleon [61440]  - 
.
==== End Of File ===========================
 
Thank you...
 

Hello dostin and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

I notice that you are using more than one antivirus program.

  • Avira Free Antivirus
  • Trend Micro Client/Server Security Agent

This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them and reboot your system.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

  • Download RogueKiller to your desktop
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

Note: Don't fix anything without my instructions

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • RogueKiller log

mbam log...

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.11.20.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Dustin :: CADPIG2 [administrator]
 
11/20/2013 9:59:56 AM
mbam-log-2013-11-20 (09-59-56).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 250406
Time elapsed: 2 minute(s), 10 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
RKreport...
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.11.20.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Dustin :: CADPIG2 [administrator]
 
11/20/2013 9:59:56 AM
mbam-log-2013-11-20 (09-59-56).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 250406
Time elapsed: 2 minute(s), 10 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
Thank you...

Sorry about that, please see RKreport below:

 

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dustin [Admin rights]
Mode : Scan -- Date : 11/20/2013 10:09:50
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] WatGorp.exe -- C:\ProgramData\GorillaPrice\WatGorp.exe [-] -> KILLED [TermProc]
[SUSP PATH][DLL] explorer.exe -- C:\Users\Dustin\Desktop\Malware\mbam\Malwarebytes' Anti-Malware\mbamext.dll [x] -> UNLOADED
 
¤¤¤ Registry Entries : 11 ¤¤¤
[RUN][SUSP PATH] HKUS\IECleanupTempUserHive\[...]\Run : NTRedirect (C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jerry\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][x]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{BC4F6DA4-537F-451A-AB5F-DEE877CE4043} : NameServer (4.4.4.4,8.8.8.8 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{BC4F6DA4-537F-451A-AB5F-DEE877CE4043} : NameServer (4.4.4.4,8.8.8.8 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{BC4F6DA4-537F-451A-AB5F-DEE877CE4043} : NameServer (4.4.4.4,8.8.8.8 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] EPUpdater : C:\Users\Jerry\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) SAMSUNG SSD PM830 FDE 2. +++++
--- User ---
[MBR] bd8d7a871b9e2eb89a38704ad2346c14
[BSP] 006dbc43e8bbff603a47a0208055caf1 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 230191 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 471433216 | Size: 14005 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_11202013_100950.txt >>
 
 
 
Thank you...

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log

JRT...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by Dustin on Wed 11/20/2013 at 11:00:38.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [service] gorillaprice 
Successfully deleted: [service] gorillaprice 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Empty Folder] C:\Users\Dustin\appdata\local\{419A7B7D-3F42-47DF-8FDA-054F8D55C47A}
Successfully deleted: [Empty Folder] C:\Users\Dustin\appdata\local\{92798887-3BAB-47A7-BDB3-CA577D5AE64B}
Successfully deleted: [Empty Folder] C:\Users\Dustin\appdata\local\{B1ED3F04-BDDF-4582-A72C-5ED85A917A0D}
 
 
 
~~~ FireFox
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/20/2013 at 11:04:03.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
AdwCleaner...
 
# AdwCleaner v3.012 - Report created 20/11/2013 at 11:11:19
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Dustin - CADPIG2
# Running from : C:\Users\Dustin\Desktop\Malware\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Jerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
File Deleted : C:\Windows\System32\Tasks\EPUpdater
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v24.0 (en-US)
 
[ File : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\nnrw2g8z.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Jerry\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
 
[ File : C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [4492 octets] - [25/10/2013 12:32:42]
AdwCleaner[R1].txt - [2667 octets] - [20/11/2013 11:08:21]
AdwCleaner[S0].txt - [2580 octets] - [20/11/2013 11:11:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2640 octets] ##########
 
Thank you...

Glad I could help!

About your question, I recommend that you take a look here:

http://www.avira.com/en/support-for-business-knowledgebase-detail/kbid/972

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

Step 3

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


  • 3 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.